Hack Reports Fly Ahead of China, US Presidents' Meeting

The latest accusations of China-based hack attacks may provide ammunition for President Obama as he sits down to discuss cybersecurity with China's President Xi Jinping. Political espionage is nothing new, of course, but state-sponsored economic espionage is another story. "That's what's causing the huge angst and outcry," said analyst Christopher Ling.

Numerous new accusations have kept cyberespionage firmly in the media spotlight in the run-up to President Barack Obama's meeting this week with Chinese President Xi Jinping.

Within 24 hours, two separate stories broke about Chinese hackers pinching the designs for some of Uncle Sam's critical weapons systems and nicking the architectural plans for an about-to-be-finished US$630 million headquarters for Australia's top spy agency.

Although there's still plenty of skepticism about many of the attacks attributed to the Chinese government -- attacks that government denies any role in -- the likelihood is high that the Net forays were state-sponsored.

"The Chinese actors are probably the most active and persistent," Booz Allen Hamilton Senior Vice President Christopher Ling told TechNewsWorld.

'Angst and Outcry'

Military and intelligence espionage may have made recent headlines, but the primary focus of the hackers is economic espionage. That's especially distasteful in the United States, where the line drawn between economic and state-sponsored espionage is as sharp as the one between church and state.

"Our intelligence community has been set up for national security purposes," Ling said. "In many other countries, the intelligence community not only provides national security, it's also involved in economic espionage.

"The activity of the Chinese isn't confined to military trade secrets, but they're prolifically active in other industries as well," he added.

That economic espionage component is what's escalating concern about the current rash of cyberintrusions.

"This whole thing about cyberespionage isn't new," Ling said. "It's been going on for decades. It was just traditionally held at the nation-state level."

What's changed, he continued, "is that as companies become more and more reliant on IT systems, their proprietary property is being targeted by nation-states as well as hackers.

"That's what's causing the huge angst and outcry," he added.

Twitter 2FA Attacks

For weeks following the hack of The Associated Press's Twitter account in April, the microblogging service was flogged on the Net for failing to implement two-factor authentication -- that is, the use of both a password and a code sent to a cellphone to authenticate a user's login on suspicious occasions.

No sooner did Twitter relent and adopt 2FA than the practice came under criticism because it could be used to lock out an authentic user.

For example, it's possible to tell Twitter to stop sending messages to a cellphone, noted F-Secure researcher Sean Sullivan, by spoofing a target's mobile number and sending a text message with the word "stop" in it, along with an appropriate country Twitter short code. That will effectively disable 2FA.

The potential hacks don't end there, though. If an account doesn't have 2FA enabled and a hacker gets control of the account through social engineering, then the hacker can activate 2FA and effectively lock an authentic user out of the account, Sullivan also pointed out.

Security vs. Convenience

Now that Twitter has 2FA, the question remains how many people will actually use it.

"Adding factors to the login process is going to improve security, but it also decreases convenience for users," said Bill Carey, vice president of Siber Systems, which makes the password management program RoboForm. "It will be interesting to see how many users actually elect to use the two-factor authentication."

Convenient or not, it appears RoboForm won't be bucking the 2FA tide in a future version of the program.

"It's something that we are considering," Carey told TechNewsWorld. "My guess is we will likely have 2FA options available by the end of the year."

Spam Capital: Belarus

Spammers can send their junk from the darnedest places. A case in point: Belarus.

Digital detritus has been pouring out of that nation, which is surrounded by Russia, Ukraine, Poland, Lithuania and Latvia, at an alarming rate.

Spam traffic from Belarus spiked in April and hasn't relented since, AppRiver reported last week. It went from spewing an average of 3.1 million junk emails a day to 12.3 million and climbing; most of it was pharmaceutical spam.

It's unclear why Belarus has become so popular with spammers.

"The U.S. often leads in the spam-sending category, but for some reason, last month Belarus jumped in front," AppRiver security analyst Fred Touchette told TechNewsWorld.

Data Breach Diary

May 28. LulzSec hacker Jeremy Hammond, accused of breaking into security company Stratfor's servers and distributing internal files to WikiLeaks, pleads guilty to one violation of the Computer Fraud and Abuse Act. The violation carries a maximum sentence of 10 years in prison.

May 30. Online notebook app Evernote adds two-factor authentication and other security measures to protect members' security. A data breach of Evernote in March forced it to reset the passwords of some 50 million users.

May 30. Drupal.org resets the passwords of all its users after discovering that its servers were accessed by unauthorized parties. The breach occurred through a third-party app at the website, it said. Drupal is a content management system whose clients include The Economist, Examiner.com and the White House.

May 31. Your Anon News' Tumblr and Twitter accounts were hacked by a group calling itself the "Rustle League," which issued a number of tweets containing offensive language.